OpenVPN connects OK, remote pc can access partial LAN



  • Hello, this is my first try with OpenVPN, and I could make it work partially, but I need some help.

    LAN: 192.168.1.0/24
    VPN: 10.0.0.0/24
    Server 1: 192.168.1.71
    Server 2: 192.168.1.72
    Access Point: 192.168.1.5

    Remote PC: 192.168.10.0/23
    VPN: 10.0.0.2

    Firewall-Rules-OpenVPN: IPv4 * * * * * * none Acceso a LAN

    From the remote PC, I can ping and RDP to Server 1 and Server 2.
    I can also access the pfSense web admin on 192.168.1.1.

    But I can't ping or access the web admin on the access point on 192.168.1.5 (there are 3 other APs on the network that I can't access: .6, .7, .8). I also can't access the web admin of 3 network printers.

    I cannot access shared folders using \\server1; I can only access folders with \\192.168.1.71



  • Hi,

    @nicolasvi said in OpenVPN connects OK, remote pc can access partial LAN:

    but i cant ping or access the web admin on the access point ....

    So you can access 192.168.1.1 (pfSense) ... Server 1: 192.168.1.71 .... Server 2: 192.168.1.72 ... but not Access Point: 192.168.1.5

    That's pretty good proof that you need to tell your AP that it should accept connections not only from the 192.168.1.0/24 network (= only local devices) - which is a nice security thing btw - but also from your other trusted networks, like your incoming VPN network 10.0.0.0/24.

    Printer admin interfaces: most probably the same issue.
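
One way to check the diagnosis in the answer above, as an added example that is not part of the original thread: capture ICMP on the pfSense LAN interface while pinging from the VPN client, then list LAN hosts that receive VPN-sourced echo requests but never reply. The capture lines are constructed sample data in tcpdump's text format, and the function name is hypothetical.

```python
import re
from ipaddress import ip_address, ip_network

VPN_NET = ip_network("10.0.0.0/24")      # tunnel network from the thread
LAN_NET = ip_network("192.168.1.0/24")   # LAN from the thread

# Constructed sample, in the format printed by `tcpdump -n icmp`.
CAPTURE = """\
12:00:01.000100 IP 10.0.0.2 > 192.168.1.71: ICMP echo request, id 1, seq 1, length 40
12:00:01.000450 IP 192.168.1.71 > 10.0.0.2: ICMP echo reply, id 1, seq 1, length 40
12:00:02.000100 IP 10.0.0.2 > 192.168.1.5: ICMP echo request, id 1, seq 2, length 40
12:00:03.000100 IP 10.0.0.2 > 192.168.1.5: ICMP echo request, id 1, seq 3, length 40
12:00:04.000100 IP 10.0.0.2 > 192.168.1.72: ICMP echo request, id 1, seq 4, length 40
12:00:04.000390 IP 192.168.1.72 > 10.0.0.2: ICMP echo reply, id 1, seq 4, length 40
"""

LINE = re.compile(
    r"IP (\S+) > (\S+): ICMP echo (request|reply), id (\d+), seq (\d+)"
)


def unanswered_hosts(capture):
    """Return LAN hosts that got VPN-sourced echo requests but sent no reply."""
    pending = {}  # LAN host -> set of (vpn client, id, seq) still unanswered
    for line in capture.splitlines():
        m = LINE.search(line)
        if not m:
            continue
        src, dst, kind, ident, seq = m.groups()
        src, dst = ip_address(src), ip_address(dst)
        if kind == "request" and src in VPN_NET and dst in LAN_NET:
            pending.setdefault(dst, set()).add((src, ident, seq))
        elif kind == "reply" and src in LAN_NET and dst in VPN_NET:
            # A reply clears the matching request for that host.
            pending.get(src, set()).discard((dst, ident, seq))
    return sorted(str(host) for host, left in pending.items() if left)


if __name__ == "__main__":
    # Requests seen on the LAN side were already passed and routed by pfSense,
    # so a host listed here is staying silent on its own.
    for host in unanswered_hosts(CAPTURE):
        print(f"{host}: requests from {VPN_NET} seen on LAN, no reply")
```

A host that shows up here while 192.168.1.71 and 192.168.1.72 answer the same client points at the device's own management access setting rather than at the OpenVPN firewall rule.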



  • @Gertjan I didn't think about the device ignoring me! Thanks for your answer!

    I'll see what I can do about that in the AP config



  • @Gertjan said in OpenVPN connects OK, remote pc can access partial LAN:

    Hi,

    @nicolasvi said in OpenVPN connects OK, remote pc can access partial LAN:

    but i cant ping or access the web admin on the access point ....

    So you can access 192.168.1.1 (pfSense) ... Server 1: 192.168.1.71 .... Server 2: 192.168.1.72 ... but not Access Point: 192.168.1.5

    That's pretty good proof that you need to tell your AP that it should accept connections not only from the 192.168.1.0/24 network (= only local devices) - which is a nice security thing btw - but also from your other trusted networks, like your incoming VPN network 10.0.0.0/24.

    Printer admin interfaces: most probably the same issue.

    You were absolutely right! I had to enable "remote access" in the AP config to be able to connect through the VPN.

    Thanks a lot!!!



  • @nicolasvi Where exactly, and how, did you enable "remote access"? Is what you call the "access point" the Netgate box? Is it running OpenVPN?



  • @amateur It's an option inside the TP-Link access point; after I enabled it, I can now manage the AP through the VPN.

    I have 2 other APs with no "RemoteAccess" checkmark that I can't manage.

